If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

I wrote an article for ezine not published yet it only 300 hundred words, so I thought I might aswell post it here for the kind members of antionline. Its no advance paper or anything just a simple guide, so no flaming please im a beginer myself.

In this article you will learn the top 3 techniques along with the top 3 tools needed to analyze and dissect malware successfully.

“Malware”

What is Malware? Well Malware is coined from the two words malicious and software. Malware refers to Spyware, Trojans, Bots, Viruses, Hijackers and other pieces of software with malicious intent.

Some prequisites, make sure you can program in C and understand C in a deep level another thing which is key is Assembley. Make sure you know the assembley architecture for the system your trying to reverse engineer under.

Vmware an excellent tool allows you to run multiple operating systems on one computer through a virtual interface. You can install Windows XP on the virtual computer and then run the malicious code on that virtual machine. This will provide you with safety from the malware and it also means cutting costs as you won’t have to sacrifice a computer for the analysis.

OllyDbg a superb assembly level debugger it can analyze binary code on the fly which is excellent especially when the source code is not available. When doing malware analyzes the source code is almost never available. This tool will help you work out how the malware works and what it does.

Wireshark the best network traffic analyzer in my opinion. Malicious programs almost always cause some sort of network traffic and you want to be able to decode what this traffic is. It might be a password being sent to an IRC server to join a channel, it might even be that text file you stored on your desktop as passwords.txt. Have your network analyzer setup before you run the malicious code that way you won’t miss a single packet.

With these 3 tools and techniques you should now be able to successfully dissect the malware, understand what it does and be able to protect your system from it.

It is alot of other software that can be used.
As diskimaging software, disassembler, instruction preventaion software.
Use herustic alalys and Instruction preventation software to protect and test protection against differnt kind of malware.